SUSE-SU-2017:2555-1 -- SLES wireshark, libwireshark8, libwiretap6, libwscodecs1, libwsutil7ID: oval:org.secpod.oval:def:89044766 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation . - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of-bounds write. This was addressed by adding string validation . - CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application crash. This was addressed by adding length validation . - CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote attackers to cause a denial of service in the dissect_IODWriteReq function . - CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion in the dissect_daap_one_tag function in the DAAP dissector .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
Product: |
wireshark |
libwireshark8 |
libwiretap6 |
libwscodecs1 |
libwsutil7 |